def yes(self, answer: str) -> None: log.info('Configuring the Cinder services...') if not call('openstack', 'user', 'show', 'cinder'): check('openstack', 'user', 'create', '--domain', 'default', '--password', shell.config_get('config.credentials.cinder-password'), 'cinder') check('openstack', 'role', 'add', '--project', 'service', '--user', 'cinder', 'admin') control_ip = _env['control_ip'] for endpoint in ['public', 'internal', 'admin']: for api_version in ['v2', 'v3']: if not call('openstack', 'service', 'show', f'cinder{api_version}'): check('openstack', 'service', 'create', '--name', f'cinder{api_version}', '--description', f'"Cinder {api_version} API"', f'volume{api_version}') if not check_output('openstack', 'endpoint', 'list', '--service', f'volume{api_version}', '--interface', endpoint): check( 'openstack', 'endpoint', 'create', '--region', 'microstack', f'volume{api_version}', endpoint, f'http://{control_ip}:8776/{api_version}/' '$(project_id)s') log.info('Running Cinder DB migrations...') check('snap-openstack', 'launch', 'cinder-manage', 'db', 'sync') enable('cinder-uwsgi') enable('cinder-scheduler')
def yes(self, answer: str) -> None: log.info('Configuring the Placement service...') if not call('openstack', 'user', 'show', 'placement'): check( 'openstack', 'user', 'create', '--domain', 'default', '--password', shell.config_get('config.credentials.placement-password'), 'placement', ) check('openstack', 'role', 'add', '--project', 'service', '--user', 'placement', 'admin') if not call('openstack', 'service', 'show', 'placement'): check('openstack', 'service', 'create', '--name', 'placement', '--description', '"Placement API"', 'placement') for endpoint in ['public', 'internal', 'admin']: call('openstack', 'endpoint', 'create', '--region', 'microstack', 'placement', endpoint, 'http://{control_ip}:8778'.format(**_env)) log.info('Running Placement DB migrations...') check('snap-openstack', 'launch', 'placement-manage', 'db', 'sync') enable('placement-uwsgi')
def yes(self, answer: str) -> None: log.info('Configuring Glance ...') if not call('openstack', 'user', 'show', 'glance'): check('openstack', 'user', 'create', '--domain', 'default', '--password', shell.config_get('config.credentials.glance-password'), 'glance') check('openstack', 'role', 'add', '--project', 'service', '--user', 'glance', 'admin') if not call('openstack', 'service', 'show', 'image'): check('openstack', 'service', 'create', '--name', 'glance', '--description', '"OpenStack Image"', 'image') for endpoint in ['internal', 'admin', 'public']: check('openstack', 'endpoint', 'create', '--region', 'microstack', 'image', endpoint, 'http://{compute_ip}:9292'.format(**_env)) check('snap-openstack', 'launch', 'glance-manage', 'db_sync') # TODO: remove the glance registry # https://blueprints.launchpad.net/glance/+spec/deprecate-registry for service in [ 'glance-api', 'registry', ]: enable(service) nc_wait(_env['compute_ip'], '9292') sleep(5) # TODO: log_wait self._fetch_cirros()
def yes(self, answer: str) -> None: log.info('Configuring Glance ...') if not call('openstack', 'user', 'show', 'glance'): check('openstack', 'user', 'create', '--domain', 'default', '--password', 'glance', 'glance') check('openstack', 'role', 'add', '--project', 'service', '--user', 'glance', 'admin') if not call('openstack', 'service', 'show', 'image'): check('openstack', 'service', 'create', '--name', 'glance', '--description', '"OpenStack Image"', 'image') for endpoint in ['internal', 'admin', 'public']: check('openstack', 'endpoint', 'create', '--region', 'microstack', 'image', endpoint, 'http://{extgateway}:9292'.format(**_env)) check('snap-openstack', 'launch', 'glance-manage', 'db_sync') restart('glance*') nc_wait(_env['extgateway'], '9292') sleep(5) # TODO: log_wait self._fetch_cirros()
def yes(self, answer: str) -> None: log.info('Configuring nova control plane services ...') if not call('openstack', 'user', 'show', 'nova'): check('openstack', 'user', 'create', '--domain', 'default', '--password', shell.config_get('config.credentials.nova-password'), 'nova') check('openstack', 'role', 'add', '--project', 'service', '--user', 'nova', 'admin') # Assign the reader role to the nova user so that read-only # application credentials can be created. check('openstack', 'role', 'add', '--project', 'service', '--user', 'nova', 'reader') log.info('Running Nova API DB migrations' ' (this may take a lot of time)...') check('snap-openstack', 'launch', 'nova-manage', 'api_db', 'sync') if 'cell0' not in check_output('snap-openstack', 'launch', 'nova-manage', 'cell_v2', 'list_cells'): check('snap-openstack', 'launch', 'nova-manage', 'cell_v2', 'map_cell0') if 'cell1' not in check_output('snap-openstack', 'launch', 'nova-manage', 'cell_v2', 'list_cells'): check('snap-openstack', 'launch', 'nova-manage', 'cell_v2', 'create_cell', '--name=cell1', '--verbose') log.info('Running Nova DB migrations' ' (this may take a lot of time)...') check('snap-openstack', 'launch', 'nova-manage', 'db', 'sync') enable('nova-api') restart('nova-compute') for service in [ 'nova-api-metadata', 'nova-conductor', 'nova-scheduler', ]: enable(service) nc_wait(_env['compute_ip'], '8774') sleep(5) # TODO: log_wait if not call('openstack', 'service', 'show', 'compute'): check('openstack', 'service', 'create', '--name', 'nova', '--description', '"Openstack Compute"', 'compute') for endpoint in ['public', 'internal', 'admin']: call('openstack', 'endpoint', 'create', '--region', 'microstack', 'compute', endpoint, 'http://{control_ip}:8774/v2.1'.format(**_env)) log.info('Creating default flavors...') self._flavors()
def _configure(self) -> None: """Configure RabbitMQ (actions may have already been run, in which case we fail silently). """ # Add Erlang HOME to env. env = dict(**_env) env['HOME'] = '{SNAP_COMMON}/lib/rabbitmq'.format(**_env) # Configure RabbitMQ call('rabbitmqctl', 'add_user', 'openstack', 'rabbitmq', env=env) shell('rabbitmqctl set_permissions openstack ".*" ".*" ".*"', env=env)
def yes(self, answer: str) -> None: log.info('Configuring Neutron') if not call('openstack', 'user', 'show', 'neutron'): check('openstack', 'user', 'create', '--domain', 'default', '--password', 'neutron', 'neutron') check('openstack', 'role', 'add', '--project', 'service', '--user', 'neutron', 'admin') if not call('openstack', 'service', 'show', 'network'): check('openstack', 'service', 'create', '--name', 'neutron', '--description', '"OpenStack Network"', 'network') for endpoint in ['public', 'internal', 'admin']: call('openstack', 'endpoint', 'create', '--region', 'microstack', 'network', endpoint, 'http://{extgateway}:9696'.format(**_env)) for service in [ environ['SNAP_INSTANCE_NAME'] + '.neutron-api', environ['SNAP_INSTANCE_NAME'] + '.neutron-dhcp-agent', environ['SNAP_INSTANCE_NAME'] + '.neutron-l3-agent', environ['SNAP_INSTANCE_NAME'] + '.neutron-metadata-agent', environ['SNAP_INSTANCE_NAME'] + '.neutron-openvswitch-agent', ]: check('snapctl', 'start', service) check('snap-openstack', 'launch', 'neutron-db-manage', 'upgrade', 'head') restart('neutron-*') nc_wait(_env['extgateway'], '9696') sleep(5) # TODO: log_wait if not call('openstack', 'network', 'show', 'test'): check('openstack', 'network', 'create', 'test') if not call('openstack', 'subnet', 'show', 'test-subnet'): check('openstack', 'subnet', 'create', '--network', 'test', '--subnet-range', '192.168.222.0/24', 'test-subnet') if not call('openstack', 'network', 'show', 'external'): check('openstack', 'network', 'create', '--external', '--provider-physical-network=physnet1', '--provider-network-type=flat', 'external') if not call('openstack', 'subnet', 'show', 'external-subnet'): check('openstack', 'subnet', 'create', '--network', 'external', '--subnet-range', _env['extcidr'], '--no-dhcp', 'external-subnet') if not call('openstack', 'router', 'show', 'test-router'): check('openstack', 'router', 'create', 'test-router') check('openstack', 'router', 'add', 'subnet', 'test-router', 'test-subnet') check('openstack', 'router', 'set', '--external-gateway', 'external', 'test-router')
def yes(self, answer: str) -> None: """Setup Databases. Create all the MySQL databases we require, then setup the fernet keys and create the service project. """ log.info('Waiting for MySQL server to start ...') self._wait() log.info('Mysql server started! Creating databases ...') self._create_dbs() log.info('Configuring Keystone Fernet Keys ...') check('snap-openstack', 'launch', 'keystone-manage', 'fernet_setup', '--keystone-user', 'root', '--keystone-group', 'root') check('snap-openstack', 'launch', 'keystone-manage', 'db_sync') restart('keystone-*') log.info('Bootstrapping Keystone ...') self._bootstrap() log.info('Creating service project ...') if not call('openstack', 'project', 'show', 'service'): check('openstack', 'project', 'create', '--domain', 'default', '--description', 'Service Project', 'service') log.info('Keystone configured!')
def yes(self, answer: str) -> None: log.info('Configuring Neutron') if not call('openstack', 'user', 'show', 'neutron'): check('openstack', 'user', 'create', '--domain', 'default', '--password', shell.config_get('config.credentials.neutron-password'), 'neutron') check('openstack', 'role', 'add', '--project', 'service', '--user', 'neutron', 'admin') if not call('openstack', 'service', 'show', 'network'): check('openstack', 'service', 'create', '--name', 'neutron', '--description', '"OpenStack Network"', 'network') for endpoint in ['public', 'internal', 'admin']: call('openstack', 'endpoint', 'create', '--region', 'microstack', 'network', endpoint, 'http://{control_ip}:9696'.format(**_env)) check('snap-openstack', 'launch', 'neutron-db-manage', 'upgrade', 'head') enable('neutron-api') enable('neutron-ovn-metadata-agent') nc_wait(_env['control_ip'], '9696') sleep(5) # TODO: log_wait if not call('openstack', 'network', 'show', 'test'): check('openstack', 'network', 'create', 'test') if not call('openstack', 'subnet', 'show', 'test-subnet'): check('openstack', 'subnet', 'create', '--network', 'test', '--subnet-range', '192.168.222.0/24', 'test-subnet') if not call('openstack', 'network', 'show', 'external'): check('openstack', 'network', 'create', '--external', '--provider-physical-network=physnet1', '--provider-network-type=flat', 'external') if not call('openstack', 'subnet', 'show', 'external-subnet'): check('openstack', 'subnet', 'create', '--network', 'external', '--subnet-range', _env['extcidr'], '--no-dhcp', 'external-subnet') if not call('openstack', 'router', 'show', 'test-router'): check('openstack', 'router', 'create', 'test-router') check('openstack', 'router', 'add', 'subnet', 'test-router', 'test-subnet') check('openstack', 'router', 'set', '--external-gateway', 'external', 'test-router')
def _flavors(self) -> None: """Create default flavors.""" if not call('openstack', 'flavor', 'show', 'm1.tiny'): check('openstack', 'flavor', 'create', '--id', '1', '--ram', '512', '--disk', '1', '--vcpus', '1', 'm1.tiny') if not call('openstack', 'flavor', 'show', 'm1.small'): check('openstack', 'flavor', 'create', '--id', '2', '--ram', '2048', '--disk', '20', '--vcpus', '1', 'm1.small') if not call('openstack', 'flavor', 'show', 'm1.medium'): check('openstack', 'flavor', 'create', '--id', '3', '--ram', '4096', '--disk', '20', '--vcpus', '2', 'm1.medium') if not call('openstack', 'flavor', 'show', 'm1.large'): check('openstack', 'flavor', 'create', '--id', '4', '--ram', '8192', '--disk', '20', '--vcpus', '4', 'm1.large') if not call('openstack', 'flavor', 'show', 'm1.xlarge'): check('openstack', 'flavor', 'create', '--id', '5', '--ram', '16384', '--disk', '20', '--vcpus', '8', 'm1.xlarge')
def _bootstrap(self) -> None: if call('openstack', 'user', 'show', 'admin'): return bootstrap_url = 'http://{extgateway}:5000/v3/'.format(**_env) check('snap-openstack', 'launch', 'keystone-manage', 'bootstrap', '--bootstrap-password', _env['ospassword'], '--bootstrap-admin-url', bootstrap_url, '--bootstrap-internal-url', bootstrap_url, '--bootstrap-public-url', bootstrap_url)
def _bootstrap(self) -> None: if call('openstack', 'user', 'show', 'admin'): return bootstrap_url = 'http://{control_ip}:5000/v3/'.format(**_env) check('snap-openstack', 'launch', 'keystone-manage', 'bootstrap', '--bootstrap-password', _env['keystone_password'], '--bootstrap-admin-url', bootstrap_url, '--bootstrap-internal-url', bootstrap_url, '--bootstrap-public-url', bootstrap_url, '--bootstrap-region-id', 'microstack')
def _fetch_cirros(self) -> None: if call('openstack', 'image', 'show', 'cirros'): return env = dict(**_env) env['VER'] = '0.4.0' env['IMG'] = 'cirros-{VER}-x86_64-disk.img'.format(**env) log.info('Fetching cirros image ...') cirros_path = '{SNAP_COMMON}/images/{IMG}'.format(**env) if not path.exists(cirros_path): check('mkdir', '-p', '{SNAP_COMMON}/images'.format(**env)) download( 'http://download.cirros-cloud.net/{VER}/{IMG}'.format(**env), '{SNAP_COMMON}/images/{IMG}'.format(**env)) check('openstack', 'image', 'create', '--file', '{SNAP_COMMON}/images/{IMG}'.format(**env), '--public', '--container-format=bare', '--disk-format=qcow2', 'cirros')
def yes(self, answer: str) -> None: """Setup Databases. Create all the MySQL databases we require, then setup the fernet keys and create the service project. """ log.info('Waiting for MySQL server to start ...') self._wait() log.info('Mysql server started! Creating databases ...') self._create_dbs() check('snapctl', 'set', 'database.ready=true') # Start keystone-uwsgi. We use snapctl, because systemd # doesn't yet know about the service. check('snapctl', 'start', environ['SNAP_INSTANCE_NAME'] + '.nginx') check('snapctl', 'start', environ['SNAP_INSTANCE_NAME'] + '.keystone-uwsgi') log.info('Configuring Keystone Fernet Keys ...') check('snap-openstack', 'launch', 'keystone-manage', 'fernet_setup', '--keystone-user', 'root', '--keystone-group', 'root') check('snap-openstack', 'launch', 'keystone-manage', 'db_sync') restart('keystone-*') log.info('Bootstrapping Keystone ...') self._bootstrap() log.info('Creating service project ...') if not call('openstack', 'project', 'show', 'service'): check('openstack', 'project', 'create', '--domain', 'default', '--description', 'Service Project', 'service') log.info('Keystone configured!')
def yes(self, answer): log.info('Removing ovs bridge.') # Remove bridge. This may not exist, so we silently skip on error. # TODO get bridge name from config (if it gets added to config) # TODO clean up other ovs artifacts? call('ovs-vsctl', 'del-br', 'br-ex')
def yes(self, answer: str) -> None: log.info('Configuring nova ...') if not call('openstack', 'user', 'show', 'nova'): check('openstack', 'user', 'create', '--domain', 'default', '--password', 'nova', 'nova') check('openstack', 'role', 'add', '--project', 'service', '--user', 'nova', 'admin') if not call('openstack', 'user', 'show', 'placement'): check('openstack', 'user', 'create', '--domain', 'default', '--password', 'placement', 'placement') check('openstack', 'role', 'add', '--project', 'service', '--user', 'placement', 'admin') if not call('openstack', 'service', 'show', 'compute'): check('openstack', 'service', 'create', '--name', 'nova', '--description', '"Openstack Compute"', 'compute') for endpoint in ['public', 'internal', 'admin']: call('openstack', 'endpoint', 'create', '--region', 'microstack', 'compute', endpoint, 'http://{extgateway}:8774/v2.1'.format(**_env)) if not call('openstack', 'service', 'show', 'placement'): check('openstack', 'service', 'create', '--name', 'placement', '--description', '"Placement API"', 'placement') for endpoint in ['public', 'internal', 'admin']: call('openstack', 'endpoint', 'create', '--region', 'microstack', 'placement', endpoint, 'http://{extgateway}:8778'.format(**_env)) # Grant nova user access to cell0 sql( "GRANT ALL PRIVILEGES ON nova_cell0.* TO 'nova'@'{extgateway}' \ IDENTIFIED BY \'nova';".format(**_env)) check('snap-openstack', 'launch', 'nova-manage', 'api_db', 'sync') if 'cell0' not in check_output('snap-openstack', 'launch', 'nova-manage', 'cell_v2', 'list_cells'): check('snap-openstack', 'launch', 'nova-manage', 'cell_v2', 'map_cell0') if 'cell1' not in check_output('snap-openstack', 'launch', 'nova-manage', 'cell_v2', 'list_cells'): check('snap-openstack', 'launch', 'nova-manage', 'cell_v2', 'create_cell', '--name=cell1', '--verbose') check('snap-openstack', 'launch', 'nova-manage', 'db', 'sync') restart('nova-*') nc_wait(_env['extgateway'], '8774') sleep(5) # TODO: log_wait log.info('Creating default flavors...') self._flavors()
def yes(self, answer: str) -> None: log.info('Configuring nova ...') if not call('openstack', 'user', 'show', 'nova'): check('openstack', 'user', 'create', '--domain', 'default', '--password', 'nova', 'nova') check('openstack', 'role', 'add', '--project', 'service', '--user', 'nova', 'admin') if not call('openstack', 'user', 'show', 'placement'): check('openstack', 'user', 'create', '--domain', 'default', '--password', 'placement', 'placement') check('openstack', 'role', 'add', '--project', 'service', '--user', 'placement', 'admin') if not call('openstack', 'service', 'show', 'compute'): check('openstack', 'service', 'create', '--name', 'nova', '--description', '"Openstack Compute"', 'compute') for endpoint in ['public', 'internal', 'admin']: call('openstack', 'endpoint', 'create', '--region', 'microstack', 'compute', endpoint, 'http://{extgateway}:8774/v2.1'.format(**_env)) if not call('openstack', 'service', 'show', 'placement'): check('openstack', 'service', 'create', '--name', 'placement', '--description', '"Placement API"', 'placement') for endpoint in ['public', 'internal', 'admin']: call('openstack', 'endpoint', 'create', '--region', 'microstack', 'placement', endpoint, 'http://{extgateway}:8778'.format(**_env)) # Grant nova user access to cell0 sql("GRANT ALL PRIVILEGES ON nova_cell0.* TO 'nova'@'{extgateway}' \ IDENTIFIED BY \'nova';".format(**_env)) # Use snapctl to start nova services. We need to call them # out manually, because systemd doesn't know about them yet. # TODO: parse the output of `snapctl services` to get this # list automagically. for service in [ environ['SNAP_INSTANCE_NAME'] + '.nova-api', environ['SNAP_INSTANCE_NAME'] + '.nova-api-metadata', environ['SNAP_INSTANCE_NAME'] + '.nova-compute', environ['SNAP_INSTANCE_NAME'] + '.nova-conductor', environ['SNAP_INSTANCE_NAME'] + '.nova-scheduler', environ['SNAP_INSTANCE_NAME'] + '.nova-uwsgi', ]: check('snapctl', 'start', service) check('snap-openstack', 'launch', 'nova-manage', 'api_db', 'sync') if 'cell0' not in check_output('snap-openstack', 'launch', 'nova-manage', 'cell_v2', 'list_cells'): check('snap-openstack', 'launch', 'nova-manage', 'cell_v2', 'map_cell0') if 'cell1' not in check_output('snap-openstack', 'launch', 'nova-manage', 'cell_v2', 'list_cells'): check('snap-openstack', 'launch', 'nova-manage', 'cell_v2', 'create_cell', '--name=cell1', '--verbose') check('snap-openstack', 'launch', 'nova-manage', 'db', 'sync') restart('nova-*') nc_wait(_env['extgateway'], '8774') sleep(5) # TODO: log_wait log.info('Creating default flavors...') self._flavors()